We're pleased that two members of Congress have asked the Government Accountability Office to study whether federal regulators are adequately addressing the security risks involved in using wireless medical devices.
Federal authorities are launching several pilots to test metadata standards that could help pave the way for secure nationwide electronic health information exchange.
Because social media pose significant risks to patient privacy, healthcare organizations need to develop detailed social media policies. But unfortunately, many organizations have yet to take that action.
A hospital CIO calls for studies of how best to match patients to their records, citing the issue as critical to the success of health information exchanges.
Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
The Health IT Policy Committee has endorsed best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when viewing or downloading them, such as through a hospital's or clinic's portal.
The HHS Office for Civil Rights should carefully consider comments received on its proposal to require healthcare organizations to provide patients with a complete list of everyone who has electronically viewed their information.
Federal authorities have received more than 400 comments on a proposed Accounting of Disclosures Rule, including many complaints that its patient record access report provision is impractical.
About a dozen privacy controls are expected to be added to the next revision of NIST's security controls' guidance, SP 800-53, says NIST Senior Computer Scientist Ron Ross says.
Associations representing clinic administrators, healthcare CIOs and health information managers are asking federal regulators to go back to the drawing board on the access report provision of a proposed Accounting of Disclosures rule.
The Privacy and Security Tiger Team is spelling out best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when downloading them from a hospital or a clinic.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
NIST's Ron Ross points out that its seminal security control guidance, Special Publication 800-53, contains only one privacy control, requiring agencies to conduct a privacy impact assessment. That will change by year's end.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.